Cryptonews Altcoin News

Hackers Attack Telecom Argentina, Demand USD 7.5m In Monero

Argentina Hack Monero Privacy

Last updated: June 26, 2023 06:55 EDT

Author

Eimantas Žemaitis

Author Categories

About Author

Eimantas is a copywriter, Bitcoin and crypto journalist, and a life-long media student with a strong drive to explore the intersection between all forms of media, money, marketing, education, and the...

Author Profile

Last updated:

June 26, 2023 06:55 EDT

Why Trust Cryptonews

Cryptonews has covered the cryptocurrency industry topics since 2017, aiming to provide informative insights to our readers. Our journalists and analysts have extensive experience in market analysis and blockchain technologies. We strive to maintain high editorial standards, focusing on factual accuracy and balanced reporting across all areas - from cryptocurrencies and blockchain projects to industry events, products, and technological developments. Our ongoing presence in the industry reflects our commitment to delivering relevant information in the evolving world of digital assets. Read more about Cryptonews

Ad Disclosure

We believe in full transparency with our readers. Some of our content includes affiliate links, and we may earn a commission through these partnerships. Read more

Telecom S.A., the largest telecommunications company in Argentina, has suffered a ransomware attack as hackers demand USD 7.5m ir privacy coin monero (XMR) to be paid until the night of Tuesday, July 21. If the company does not meet the deadline, the payable amount will rise to USD 15 million (XMR 216,189).

The hackers are not only demanding the ransom to be paid in XMR but also left a message with links where to buy this privacy coin.

An image of the ransomware leaked to Twitter. Source: Alex Kruger @krugermacro

Per the local news outlet, the attack has not affected users or internet and telephone services provided by Telecom Argentina. Still, the company has reportedly lost access to Office365 and OneDrive files. Other affected internal systems include corporate VPN, Citrix, Siebel, Genesys, the Customer and Field Service virtual machines, and internal users’ PCs.

The attack has likely come through an attachment in an email, according to speculations on social media. Twitter user @pablowasserman said that the malware targeted company’s customer relationship management (CRM) software Siebel, which contains data from its clients.

In a leaked internal memorandum to employees, the company said it was looking for a viable solution as soon as possible, simultaneously asking its employees to avoid certain behaviors like using the corporate network, open suspicious files or emails from unknown recipients, and turning off computers until the situation is normalized.

Telecom Argentina S.A. is yet to issue an official statement on the situation.

According to local reports, the attack had started as early as Wednesday, when employees began noticing trouble accessing company’s VPN and other databases. Preliminary estimates indicate that the attack may impact daily operations of at least 18,000 teams.

The malware used in the attack is REvil ransomware, also known as Sodinokibi, which was first detected on April 17, 2019. The malware is used by a financially motivated group GOLD SOUTHFIELD.

Ransomware is a type of malware that aims to encrypt files on infected computers and makes them inaccessible until payment is made. Even when the payment is made, there is no guarantee that the hackers will unlock the files.

The hack happened just a few days after the massive Twitter hack, which is now being investigated by the FBI.

Meanwhile, in June, Cryptonews.com reported that ISIS-affiliated website has switched from accepting donations in bitcoin (BTC) XMR due to insufficient privacy measures on the Bitcoin network.